diff --git a/CHANGES b/CHANGES index 45b425d7ca..83c3ca2934 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,13 @@ +5.0.0-dev.322 | 2022-04-27 21:00:29 +0000 + + * Disable OpenSSL initialization starting with 1.1.0 (Johanna Amann, Corelight) + + Starting with OpenSSL 1.1.0, library initialization is no longer + required - and might even be harmful. + + See https://wiki.openssl.org/index.php/Library_Initialization for + details. + 5.0.0-dev.319 | 2022-04-27 17:42:42 +0000 * Wrap call to doctest's MESSAGE() method in Reporter in try/catch block (Tim Wojtulewicz, Corelight) diff --git a/VERSION b/VERSION index c755a8b0f7..6b691334d9 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -5.0.0-dev.319 +5.0.0-dev.322 diff --git a/src/zeek-setup.cc b/src/zeek-setup.cc index 952db62b4f..4ad5f8e3a5 100644 --- a/src/zeek-setup.cc +++ b/src/zeek-setup.cc @@ -5,6 +5,7 @@ #include "zeek/zeek-config.h" #include +#include #include #include #include @@ -544,10 +545,12 @@ SetupResult setup(int argc, char** argv, Options* zopts) // DEBUG_MSG("HMAC key: %s\n", md5_digest_print(shared_hmac_md5_key)); init_hash_function(); +#if OPENSSL_VERSION_NUMBER < 0x10100000L ERR_load_crypto_strings(); OPENSSL_add_all_algorithms_conf(); SSL_library_init(); SSL_load_error_strings(); +#endif // FIXME: On systems that don't provide /dev/urandom, OpenSSL doesn't // seed the PRNG. We should do this here (but at least Linux, FreeBSD
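Review bot: The new `#if OPENSSL_VERSION_NUMBER < 0x10100000L` guard in setup() also turns off explicit initialization on LibreSSL, which reports a fixed OPENSSL_VERSION_NUMBER of 0x20000000L whatever its real release is. An older LibreSSL that still relies on these calls would then start with an uninitialized library. If LibreSSL is a supported build target (this hunk does not show that), widen the condition to something like `#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)`; to my knowledge LibreSSL keeps the legacy init entry points, so calling them there should be harmless. A one-line comment above the guard would also save the next reader a trip to the changelog, e.g. `// OpenSSL >= 1.1.0 initializes itself; explicit init is only needed for older releases.` The body of setup() starts and ends outside this hunk.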